Usually, developer doesn't need to override default marshalling or unmarshalling validation behavior but the validator has a problem with "XmlGregorianCalendar" unmarshalling, it simply ignores the error (because it is warning for some reason) and it is impossible to get an exception without replacing default validator.

It would be very good if these methods ("createUnmarshaller(..)" and "createMarshaller(..)") had "protected" access modifier. In this case the methods should accept "JAXBContext" as a parameter instead of "Class<?>" to keep "getJaxbContext(..)" private.

Another option is adding additional setters for validation handler and many other JAXB options. It seems not so scalable but more strict.